Thursday, December 07, 2006

For the second time this year, Microsoft has issued a notice of a remote code execution vulnerability in Word for which there is no patch. Their suggested workaround is "Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file." If you rely on exchanging Word documents for your business, this means shut down your business or risk infection with zero-day malware that can compromise your systems.

I recommend switching to OpenOffice and Macintosh. If you must use Windows in a business environment, this presents a strong argument for not giving users administrative rights on their own machines (or at least not on the account they log in as to use Word) in order to limit what damage can occur from the exploitation of a vulnerability like this.
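The least-privilege point above is easy to verify on a given workstation. The following PowerShell script is an added example, not part of the original post: it lists who is in the local Administrators group and reports whether the account currently running (the one Word would run as) is among them. It assumes Windows 10 / Server 2016 or later, where the built-in Microsoft.PowerShell.LocalAccounts module supplies Get-LocalGroup and Get-LocalGroupMember; the function name Get-LocalAdminReport is my own.

```powershell
# Added example (not from the original post): audit who holds local
# administrative rights on a Windows workstation, and whether the
# interactive user Word runs as is one of them.
# Assumes Windows 10 / Server 2016 or later with the built-in
# Microsoft.PowerShell.LocalAccounts module.

function Get-LocalAdminReport {
    # Resolve the Administrators group by its well-known SID so the check
    # also works on localized Windows builds where the group name differs.
    $adminGroup = Get-LocalGroup | Where-Object { $_.SID.Value -eq 'S-1-5-32-544' }
    $members    = Get-LocalGroupMember -Group $adminGroup

    # The token this PowerShell session runs with. Under UAC a user who is
    # in Administrators still gets a filtered, non-elevated token in a
    # normal session, so group membership and token state are reported separately.
    $identity     = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal    = New-Object Security.Principal.WindowsPrincipal($identity)
    $tokenIsAdmin = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    # Direct membership of the current user (compared by SID, not name).
    $userIsMember = $members | Where-Object { $_.SID.Value -eq $identity.User.Value }

    [pscustomobject]@{
        CurrentUser      = $identity.Name
        UserInAdminGroup = [bool]$userIsMember
        TokenIsElevated  = $tokenIsAdmin
        AdminMembers     = $members | Select-Object Name, ObjectClass, PrincipalSource
    }
}

$report = Get-LocalAdminReport
$report | Format-List CurrentUser, UserInAdminGroup, TokenIsElevated
$report.AdminMembers | Format-Table -AutoSize

if ($report.UserInAdminGroup) {
    Write-Warning "'$($report.CurrentUser)' is a local administrator; a document exploit running as this user inherits those rights. Use a standard account for daily work and a separate one for administration."
}
```

The membership test compares SIDs directly, so a user who is an administrator only through a nested domain group will show UserInAdminGroup as false while TokenIsElevated (in an elevated session) is true; treat either flag as a reason to move day-to-day document handling to a standard account.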

Mac OS X is definitely not invulnerable; it has had serious security issues in the past, including 9 (10%) still unpatched. It has a few design advantages (e.g., the way administrative privileges are handled by default, such as the root account being disabled), the advantage of being a less attractive target for hackers due to there being fewer instances out there, and the advantage of the Darwin component of the OS being open source.